/**
 * Declares a database-backed identity store through annotation attributes only;
 * the class itself has no members.
 *
 * <p>Each query contains a single {@code ?} placeholder for the caller name.
 * Presumably the store binds the name as a statement parameter rather than
 * concatenating it into the SQL text; confirm in the store's query helper.
 */
@DatabaseIdentityStoreDefinition(
    // JNDI name under which the DataSource is looked up.
    dataSourceLookup = "jdbc/authenticator",
    // Returns the stored password value for one caller name.
    callerQuery = "SELECT password from user_password where name = ?",
    // Returns the roles (groups) for one caller name.
    groupsQuery = "SELECT role from user_roles where name = ?"
)
public class DatabaseIdentityStoreConfiguration {
    // NOTE(review): hashAlgorithm is not set, so the annotation's default applies
    // (Pbkdf2PasswordHash in the Java EE Security API; confirm for the version in use).
    // The password column must therefore hold hashes that algorithm can verify,
    // never plaintext.
}
/**
 * Reports whether any of the definition's expression-capable attributes holds an
 * EL expression.
 *
 * <p>The attributes handed to the check are dataSourceLookup, callerQuery,
 * groupsQuery, priorityExpression and useForExpression. hashAlgorithm and
 * hashAlgorithmParameters are not part of this check.
 *
 * @param in the definition to inspect
 * @return whatever {@code AnnotationELPProcessor.hasAnyELExpression} reports for
 *         those five attribute values
 */
public static boolean hasAnyELExpression(DatabaseIdentityStoreDefinition in) {
    final boolean containsExpression = AnnotationELPProcessor.hasAnyELExpression(
        in.dataSourceLookup(),
        in.callerQuery(),
        in.groupsQuery(),
        in.priorityExpression(),
        in.useForExpression());
    return containsExpression;
}
/**
 * Returns the priority taken from the definition this store was built with.
 *
 * @return the definition's {@code priority()} value
 */
@Override
public int priority() {
    final int configuredPriority = this.dataBaseIdentityStoreDefinition.priority();
    return configuredPriority;
}
/**
 * Returns a definition whose immediate EL expressions have been evaluated.
 *
 * <p>When no attribute contains an EL expression the input is returned as is.
 * Otherwise a new annotation literal is built: dataSourceLookup, callerQuery and
 * groupsQuery go through {@code evalImmediate}; hashAlgorithm and
 * hashAlgorithmParameters are copied unchanged; priority and useFor are taken
 * from their expression attributes with the plain attribute as the second
 * argument (presumably the fallback; confirm in evalImmediate).
 *
 * <p>NOTE(review): callerQuery and groupsQuery are evaluated as expressions, so
 * whatever the expression yields becomes the SQL text. The expressions should
 * come from deployment configuration only, never from request data.
 *
 * @param in the definition as declared
 * @return {@code in} itself, or an evaluated copy
 */
public static DatabaseIdentityStoreDefinition eval(DatabaseIdentityStoreDefinition in) {
    if (hasAnyELExpression(in)) {
        DatabaseIdentityStoreDefinitionAnnotationLiteral evaluated =
            new DatabaseIdentityStoreDefinitionAnnotationLiteral(
                evalImmediate(in.dataSourceLookup()),
                evalImmediate(in.callerQuery()),
                evalImmediate(in.groupsQuery()),
                in.hashAlgorithm(),
                in.hashAlgorithmParameters(),
                evalImmediate(in.priorityExpression(), in.priority()),
                emptyIfImmediate(in.priorityExpression()),
                evalImmediate(in.useForExpression(), in.useFor()),
                emptyIfImmediate(in.useForExpression()));

        // Re-run the check on the result and record it on the literal; expressions
        // that remain are presumably deferred ones (confirm in the EL helper).
        evaluated.setHasDeferredExpressions(hasAnyELExpression(evaluated));
        return evaluated;
    }

    // Nothing to evaluate: hand back the original annotation instance.
    return in;
}
/**
 * Builds the store from its definition: records the validation types, obtains
 * the password-hash bean and initializes it with the configured parameters.
 *
 * <p>Each hashAlgorithmParameters entry is first passed through
 * {@code evalImmediate} and {@code toStream} (presumably so one expression can
 * expand to several entries; confirm), then split at the first {@code '='} into
 * a name and a value; the value is evaluated once more.
 *
 * <p>NOTE(review): an entry without {@code '='} makes {@code indexOf} return -1,
 * so {@code substring(0, -1)} throws StringIndexOutOfBoundsException, and the
 * two-argument {@code toMap} throws IllegalStateException on a repeated name.
 * Both surface as unexplained failures of a misconfigured hash setup.
 *
 * @param dataBaseIdentityStoreDefinition the definition that configures this store
 */
public DatabaseIdentityStore(DatabaseIdentityStoreDefinition dataBaseIdentityStoreDefinition) {
    this.dataBaseIdentityStoreDefinition = dataBaseIdentityStoreDefinition;

    // Read-only copy of the configured useFor values.
    this.validationTypes =
        unmodifiableSet(new HashSet<>(asList(dataBaseIdentityStoreDefinition.useFor())));

    this.hashAlgorithm = getBeanReference(dataBaseIdentityStoreDefinition.hashAlgorithm());
    this.hashAlgorithm.initialize(
        unmodifiableMap(
            stream(dataBaseIdentityStoreDefinition.hashAlgorithmParameters())
                .flatMap(raw -> toStream(evalImmediate(raw, (Object) raw)))
                .collect(toMap(
                    entry -> entry.substring(0, entry.indexOf('=')),
                    entry -> evalImmediate(entry.substring(entry.indexOf('=') + 1))))));
}
/**
 * Validates a caller name and password against the configured database.
 *
 * <p>callerQuery is run with the caller name; only the first returned value is
 * compared, through the configured hash algorithm's {@code verify}. Groups are
 * loaded with groupsQuery only when the store is configured with
 * {@code ValidationType.PROVIDE_GROUPS}.
 *
 * <p>NOTE(review): an unknown caller returns before {@code verify} runs, while a
 * known caller pays for one verification. The response-time difference can
 * reveal which names exist; consider uniform-cost handling or rate limiting in
 * front of this store.
 *
 * @param usernamePasswordCredential the caller name and password to check
 * @return a result carrying the caller principal and groups on a match,
 *         otherwise {@code INVALID_RESULT}
 */
public CredentialValidationResult validate(UsernamePasswordCredential usernamePasswordCredential) {
    DataSource source = getDataSource();

    List<String> storedHashes = executeQuery(
        source,
        dataBaseIdentityStoreDefinition.callerQuery(),
        usernamePasswordCredential.getCaller());

    // No row for this caller name: nothing to compare against.
    if (storedHashes.isEmpty()) {
        return INVALID_RESULT;
    }

    // Only the first row is considered, even if the query returned several.
    boolean passwordMatches = hashAlgorithm.verify(
        usernamePasswordCredential.getPassword().getValue(),
        storedHashes.get(0));
    if (!passwordMatches) {
        return INVALID_RESULT;
    }

    Set<String> callerGroups;
    if (validationTypes.contains(ValidationType.PROVIDE_GROUPS)) {
        callerGroups = new HashSet<>(executeQuery(
            source,
            dataBaseIdentityStoreDefinition.groupsQuery(),
            usernamePasswordCredential.getCaller()));
    } else {
        callerGroups = emptySet();
    }

    return new CredentialValidationResult(
        new CallerPrincipal(usernamePasswordCredential.getCaller()),
        callerGroups);
}
/**
 * Loads the groups of the caller named in a validation result.
 *
 * <p>When a SecurityManager is installed, the calling code must hold
 * {@code IdentityStorePermission("getGroups")}. The method then runs groupsQuery
 * with the name of the result's caller principal.
 *
 * <p>NOTE(review): the status of {@code validationResult} is not inspected here;
 * a result without a caller principal would fail on {@code getName()} with a
 * NullPointerException (confirm how callers guard this).
 *
 * @param validationResult the result whose caller principal names the caller
 * @return the caller's groups as a new mutable set
 */
@Override
public Set<String> getCallerGroups(CredentialValidationResult validationResult) {
    SecurityManager installedManager = System.getSecurityManager();
    if (installedManager != null) {
        // Permission gate: only applies when a SecurityManager is present.
        installedManager.checkPermission(new IdentityStorePermission("getGroups"));
    }

    DataSource source = getDataSource();
    List<String> roles = executeQuery(
        source,
        dataBaseIdentityStoreDefinition.groupsQuery(),
        validationResult.getCallerPrincipal().getName());
    return new HashSet<>(roles);
}
/**
 * Resolves the DataSource named by the definition's dataSourceLookup through JNDI.
 *
 * @return the DataSource found by the lookup, never {@code null}
 * @throws IdentityStoreConfigurationException if the lookup yields {@code null}
 * @throws IdentityStoreRuntimeException wrapping any other exception raised
 *         during the lookup
 */
private DataSource getDataSource() {
    try {
        DataSource resolved = jndiLookup(dataBaseIdentityStoreDefinition.dataSourceLookup());
        if (resolved != null) {
            return resolved;
        }
        throw new IdentityStoreConfigurationException("Jndi lookup failed for DataSource " + dataBaseIdentityStoreDefinition.dataSourceLookup());
    } catch (IdentityStoreConfigurationException configurationProblem) {
        // Let the configuration error through unwrapped.
        throw configurationProblem;
    } catch (Exception lookupFailure) {
        throw new IdentityStoreRuntimeException(lookupFailure);
    }
}
}
/**
 * Returns a definition whose immediate EL expressions have been evaluated.
 *
 * <p>When no attribute contains an EL expression the input is returned as is.
 * Otherwise a new annotation literal is built: dataSourceLookup, callerQuery and
 * groupsQuery go through {@code evalImmediate}; hashAlgorithm and
 * hashAlgorithmParameters are copied unchanged; priority and useFor are taken
 * from their expression attributes with the plain attribute as the second
 * argument (presumably the fallback; confirm in evalImmediate).
 *
 * <p>NOTE(review): callerQuery and groupsQuery are evaluated as expressions, so
 * whatever the expression yields becomes the SQL text. The expressions should
 * come from deployment configuration only, never from request data.
 *
 * @param in the definition as declared
 * @return {@code in} itself, or an evaluated copy
 */
public static DatabaseIdentityStoreDefinition eval(DatabaseIdentityStoreDefinition in) {
    if (hasAnyELExpression(in)) {
        DatabaseIdentityStoreDefinitionAnnotationLiteral evaluated =
            new DatabaseIdentityStoreDefinitionAnnotationLiteral(
                evalImmediate(in.dataSourceLookup()),
                evalImmediate(in.callerQuery()),
                evalImmediate(in.groupsQuery()),
                in.hashAlgorithm(),
                in.hashAlgorithmParameters(),
                evalImmediate(in.priorityExpression(), in.priority()),
                emptyIfImmediate(in.priorityExpression()),
                evalImmediate(in.useForExpression(), in.useFor()),
                emptyIfImmediate(in.useForExpression()));

        // Re-run the check on the result and record it on the literal; expressions
        // that remain are presumably deferred ones (confirm in the EL helper).
        evaluated.setHasDeferredExpressions(hasAnyELExpression(evaluated));
        return evaluated;
    }

    // Nothing to evaluate: hand back the original annotation instance.
    return in;
}
/**
 * Builds the store from its definition: records the validation types, obtains
 * the password-hash bean and initializes it with the configured parameters.
 *
 * <p>Each hashAlgorithmParameters entry is first passed through
 * {@code evalImmediate} and {@code toStream} (presumably so one expression can
 * expand to several entries; confirm), then split at the first {@code '='} into
 * a name and a value; the value is evaluated once more.
 *
 * <p>NOTE(review): an entry without {@code '='} makes {@code indexOf} return -1,
 * so {@code substring(0, -1)} throws StringIndexOutOfBoundsException, and the
 * two-argument {@code toMap} throws IllegalStateException on a repeated name.
 * Both surface as unexplained failures of a misconfigured hash setup.
 *
 * @param dataBaseIdentityStoreDefinition the definition that configures this store
 */
public DatabaseIdentityStore(DatabaseIdentityStoreDefinition dataBaseIdentityStoreDefinition) {
    this.dataBaseIdentityStoreDefinition = dataBaseIdentityStoreDefinition;

    // Read-only copy of the configured useFor values.
    this.validationTypes =
        unmodifiableSet(new HashSet<>(asList(dataBaseIdentityStoreDefinition.useFor())));

    this.hashAlgorithm = getBeanReference(dataBaseIdentityStoreDefinition.hashAlgorithm());
    this.hashAlgorithm.initialize(
        unmodifiableMap(
            stream(dataBaseIdentityStoreDefinition.hashAlgorithmParameters())
                .flatMap(raw -> toStream(evalImmediate(raw, (Object) raw)))
                .collect(toMap(
                    entry -> entry.substring(0, entry.indexOf('=')),
                    entry -> evalImmediate(entry.substring(entry.indexOf('=') + 1))))));
}
/**
 * Validates a caller name and password against the configured database.
 *
 * <p>callerQuery is run with the caller name; only the first returned value is
 * compared, through the configured hash algorithm's {@code verify}. Groups are
 * loaded with groupsQuery only when the store is configured with
 * {@code ValidationType.PROVIDE_GROUPS}.
 *
 * <p>NOTE(review): an unknown caller returns before {@code verify} runs, while a
 * known caller pays for one verification. The response-time difference can
 * reveal which names exist; consider uniform-cost handling or rate limiting in
 * front of this store.
 *
 * @param usernamePasswordCredential the caller name and password to check
 * @return a result carrying the caller principal and groups on a match,
 *         otherwise {@code INVALID_RESULT}
 */
public CredentialValidationResult validate(UsernamePasswordCredential usernamePasswordCredential) {
    DataSource source = getDataSource();

    List<String> storedHashes = executeQuery(
        source,
        dataBaseIdentityStoreDefinition.callerQuery(),
        usernamePasswordCredential.getCaller());

    // No row for this caller name: nothing to compare against.
    if (storedHashes.isEmpty()) {
        return INVALID_RESULT;
    }

    // Only the first row is considered, even if the query returned several.
    boolean passwordMatches = hashAlgorithm.verify(
        usernamePasswordCredential.getPassword().getValue(),
        storedHashes.get(0));
    if (!passwordMatches) {
        return INVALID_RESULT;
    }

    Set<String> callerGroups;
    if (validationTypes.contains(ValidationType.PROVIDE_GROUPS)) {
        callerGroups = new HashSet<>(executeQuery(
            source,
            dataBaseIdentityStoreDefinition.groupsQuery(),
            usernamePasswordCredential.getCaller()));
    } else {
        callerGroups = emptySet();
    }

    return new CredentialValidationResult(
        new CallerPrincipal(usernamePasswordCredential.getCaller()),
        callerGroups);
}
/**
 * Loads the groups of the caller named in a validation result.
 *
 * <p>When a SecurityManager is installed, the calling code must hold
 * {@code IdentityStorePermission("getGroups")}. The method then runs groupsQuery
 * with the name of the result's caller principal.
 *
 * <p>NOTE(review): the status of {@code validationResult} is not inspected here;
 * a result without a caller principal would fail on {@code getName()} with a
 * NullPointerException (confirm how callers guard this).
 *
 * @param validationResult the result whose caller principal names the caller
 * @return the caller's groups as a new mutable set
 */
@Override
public Set<String> getCallerGroups(CredentialValidationResult validationResult) {
    SecurityManager installedManager = System.getSecurityManager();
    if (installedManager != null) {
        // Permission gate: only applies when a SecurityManager is present.
        installedManager.checkPermission(new IdentityStorePermission("getGroups"));
    }

    DataSource source = getDataSource();
    List<String> roles = executeQuery(
        source,
        dataBaseIdentityStoreDefinition.groupsQuery(),
        validationResult.getCallerPrincipal().getName());
    return new HashSet<>(roles);
}
/**
 * Resolves the DataSource named by the definition's dataSourceLookup through JNDI.
 *
 * @return the DataSource found by the lookup, never {@code null}
 * @throws IdentityStoreConfigurationException if the lookup yields {@code null}
 * @throws IdentityStoreRuntimeException wrapping any other exception raised
 *         during the lookup
 */
private DataSource getDataSource() {
    try {
        DataSource resolved = jndiLookup(dataBaseIdentityStoreDefinition.dataSourceLookup());
        if (resolved != null) {
            return resolved;
        }
        throw new IdentityStoreConfigurationException("Jndi lookup failed for DataSource " + dataBaseIdentityStoreDefinition.dataSourceLookup());
    } catch (IdentityStoreConfigurationException configurationProblem) {
        // Let the configuration error through unwrapped.
        throw configurationProblem;
    } catch (Exception lookupFailure) {
        throw new IdentityStoreRuntimeException(lookupFailure);
    }
}
}
/**
 * Reports whether any of the definition's expression-capable attributes holds an
 * EL expression.
 *
 * <p>The attributes handed to the check are dataSourceLookup, callerQuery,
 * groupsQuery, priorityExpression and useForExpression. hashAlgorithm and
 * hashAlgorithmParameters are not part of this check.
 *
 * @param in the definition to inspect
 * @return whatever {@code AnnotationELPProcessor.hasAnyELExpression} reports for
 *         those five attribute values
 */
public static boolean hasAnyELExpression(DatabaseIdentityStoreDefinition in) {
    final boolean containsExpression = AnnotationELPProcessor.hasAnyELExpression(
        in.dataSourceLookup(),
        in.callerQuery(),
        in.groupsQuery(),
        in.priorityExpression(),
        in.useForExpression());
    return containsExpression;
}
/**
 * Returns the priority taken from the definition this store was built with.
 *
 * @return the definition's {@code priority()} value
 */
@Override
public int priority() {
    final int configuredPriority = this.dataBaseIdentityStoreDefinition.priority();
    return configuredPriority;
}